Protecting cryptographic keys stored in non-volatile memory

US12393702B2 · US · B2

Patent metadata

Publication number: US-12393702-B2
Application number: US-202217854295-A
Country: US
Kind code: B2
Filing date: Jun 30, 2022
Priority date: Jan 31, 2018
Publication date: Aug 19, 2025
Grant date: Aug 19, 2025

Abstract

Official abstract text for this publication.

Systems and methods for protecting cryptographic keys stored in a non-volatile memory. An example method may comprise: storing a device root key in a non-volatile memory; storing a volatile key in a volatile memory; storing a masked cryptographic key in the non-volatile memory, wherein the masked cryptographic key is produced by combining a cryptographic key and the device root key; storing a masked device root key in the non-volatile memory, wherein the masked root key is produced by combining the device root key and the volatile key; and erasing the device root key from the non-volatile memory.

First claim

Opening claim text (preview).

What is claimed is:

1. A method, comprising: storing a volatile key in a volatile memory; storing a masked cryptographic key in a non-volatile memory, wherein the masked cryptographic key is produced by combining a cryptographic key and a device root key; and storing a masked device root key in the non-volatile memory, wherein the masked device root key is produced by combining the device root key and the volatile key.

2. The method of claim 1, further comprising: responsive to detecting a tampering event, erasing the volatile key from the volatile memory.

3. The method of claim 1, further comprising: restoring the device root key by combining the masked device root key and the volatile key; restoring the cryptographic key by combining the masked cryptographic key and the device root key; and utilizing the cryptographic key for performing a cryptographic data processing operation.

4. The method of claim 1, wherein combining the cryptographic key and the device root key further comprises: performing an exclusive disjunction operation of the cryptographic key and the device root key.

5. The method of claim 1, wherein combining the device root key and the volatile key further comprises: performing an exclusive disjunction operation of the device root key and the volatile key.

6. The method of claim 1, further comprising: receiving, from an external source, at least one of: the device root key, the volatile key, or the cryptographic key.

7. The method of claim 1, further comprising: generating at least one of: the device root key, the volatile key, or the cryptographic key.

8. A system comprising: a non-volatile memory; a volatile memory; a voltage control circuit configured to interrupt power supply to the volatile memory responsive to receiving a signal indicating a tampering event; and a processor configured to: store a volatile key in the volatile memory; store a masked cryptographic key in the non-volatile memory, wherein the masked cryptographic key is produced by combining a cryptographic key and a device root key; and store a masked device root key in the non-volatile memory, wherein the masked device root key is produced by combining the device root key and the volatile key.

9. The system of claim 8, wherein the processor is further configured to: restore the device root key by combining the masked device root key and the volatile key; restore the cryptographic key by combining the masked cryptographic key and the device root key; and utilize the cryptographic key for performing a cryptographic data processing operation.

10. The system of claim 8, wherein combining the cryptographic key and the device root key further comprises: performing an exclusive disjunction operation of the cryptographic key and the device root key.

11. A method, comprising: storing a masked cryptographic key in a non-volatile memory, wherein the masked cryptographic key is produced by combining a cryptographic key and a device root key; storing the device root key in a volatile memory; and responsive to detecting a tampering event, erasing the device root key from the volatile memory.

12. The method of claim 11, further comprising: restoring the cryptographic key by combining the masked cryptographic key and the device root key; and utilizing the cryptographic key for performing a cryptographic data processing operation.

13. The method of claim 11, wherein combining the cryptographic key and the device root key further comprises: performing an exclusive disjunction operation of the cryptographic key and the device root key.

14. The method of claim 11, further comprising: receiving, from an external source, at least one of: the device root key or the cryptographic key.

15. The method of claim 11, further comprising: generating at least one of: the device root key or the cryptographic key.

16. The method of claim 2, wherein erasing the volatile key from the volatile memory further comprises: sending a reset signal to the volatile memory.

17. The method of claim 2, wherein erasing the volatile key from the volatile memory further comprises: interrupting power supply to the volatile memory.

18. The system of claim 8, wherein combining the device root key and the volatile key further comprises: performing an exclusive disjunction operation of the device root key and the volatile key.

19. The method of claim 11, wherein erasing the device root key from the volatile memory further comprises: sending a reset signal to the volatile memory.

20. The method of claim 11, wherein erasing the device root key from the volatile memory further comprises: interrupting power supply to the volatile memory.
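
The masking chain of claims 1 to 5, with the tamper response of claim 2, as an added C example that is not code from the patent. The structs, function names, 16-byte key length and sample key values are assumptions made for illustration, and zeroing the volatile buffer stands in for the reset signal or power interruption of claims 16 and 17.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define KEY_LEN 16  /* assumed key size; the claims do not fix one */
/* Hypothetical models of the two memories named in the claims. */
struct nvm  { uint8_t masked_key[KEY_LEN], masked_root[KEY_LEN]; };
struct vmem { uint8_t volatile_key[KEY_LEN]; };

static void xor_buf(uint8_t *out, const uint8_t *a, const uint8_t *b) {
    for (size_t i = 0; i < KEY_LEN; i++) out[i] = a[i] ^ b[i];
}

/* Zero through a volatile pointer so the compiler cannot drop the write. */
static void wipe(void *p, size_t n) {
    volatile uint8_t *v = p;
    while (n--) *v++ = 0;
}

/* Claims 1, 4, 5: only masked values are written to non-volatile memory. */
void provision(struct nvm *nv, struct vmem *vm, const uint8_t *key,
               const uint8_t *root, const uint8_t *vkey) {
    memcpy(vm->volatile_key, vkey, KEY_LEN);
    xor_buf(nv->masked_key, key, root);    /* key XOR root */
    xor_buf(nv->masked_root, root, vkey);  /* root XOR volatile key */
}

/* Claim 3: unmask the root key first, then the cryptographic key. */
void restore_key(const struct nvm *nv, const struct vmem *vm, uint8_t *out) {
    uint8_t root[KEY_LEN];
    xor_buf(root, nv->masked_root, vm->volatile_key);
    xor_buf(out, nv->masked_key, root);
    wipe(root, sizeof root);               /* root exists only transiently */
}

/* Claim 2: erase the volatile key when tampering is detected. */
void on_tamper(struct vmem *vm) { wipe(vm->volatile_key, KEY_LEN); }

/* Constructed keys. Bit 0: restore works before tamper; bit 1: after. */
int demo(void) {
    struct nvm nv; struct vmem vm;
    uint8_t key[KEY_LEN], root[KEY_LEN], vkey[KEY_LEN], out[KEY_LEN];
    for (int i = 0; i < KEY_LEN; i++) { key[i] = i + 1; root[i] = 0xA0 + i; vkey[i] = 0x5C ^ i; }
    provision(&nv, &vm, key, root, vkey);
    restore_key(&nv, &vm, out);
    int before = memcmp(out, key, KEY_LEN) == 0;
    on_tamper(&vm);
    restore_key(&nv, &vm, out);            /* now yields key XOR vkey */
    return before | ((memcmp(out, key, KEY_LEN) == 0) << 1);
}
```
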

Classifications

  • Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage

  • using key encryption key

  • in semiconductor storage media, e.g. directly-addressable memories

  • by using cryptography (for digital transmission H04L9/00)

  • Resetting means

Frequently asked questions

Answers are generated from the same data shown on this page.

Who is the assignee on this patent?
Cryptography Res Inc
What technology area does this patent fall under?
Primary CPC classification G06F21/602. Mapped technology areas include Physics.
When was this patent published?
Publication date Aug 19, 2025 (B2). Legal status and post-grant events are not shown on this page.
What related patents are in patentsdb?
We list 3 related publications on this page (citations in our corpus or others sharing the same primary CPC).